Representatives from three voting machine companies criticized
a California state-sponsored “top-to-bottom review”
that found “very real” vulnerabilities in their products.

The study was led by UC Davis professor Matt Bishop, who
discussed the study at a hearing held by Secretary of State Debra Bowen, whose
office is currently deciding whether or not to allow the machines’ use during
the Feb. 5 presidential primary.

Under a contract with UC Davis and Bowen’s office, Bishop’s study
examined machines from Diebold Election Systems, Hart Intercivic, and Sequoia
Voting Systems. The conclusions, partially released last week, included
findings that the voting systems posed difficulties for voters with
disabilities and were vulnerable to intrusion. "It may be that all of [the
vulnerabilities] can be protected against. It may be that some cannot,” said
Bishop. According to Secretary Bowen, a
fourth company, Election Systems & Software, was also to be included in the
review but was omitted because it was late in providing needed information to
her office.

According to state law, Bowen has until Friday to set the
rules for the upcoming primary election. "I intend to go through a methodical
process to determine what to do next," she said.

Sequoia Systems, in a statement released
Monday on their web site, called the study’s findings “implausible,” objecting
to the fact that the study was conducted in a closed lab environment over a
period of weeks as opposed to a true election environment or in accordance with
ISO criteria. “None of the attacks described … are capable of success,” said
Sequoia sales executive Steven Bennett to a panel of officials from the
Secretary of State’s office.

Diebold and Sequoia further pointed out that the study
evaluated outdated versions of the voting machines and their software. “While
it cannot be guaranteed that all of the extremely improbable vulnerabilities
identified are prevented by subsequent product development and updates, many
are specifically addressed,” said Sequoia. However, Sequoia acknowledged that it
is working to ensure that the “few system vulnerabilities” found could not be
used to tamper with election results.

“Voting system reliability is something we're always working
at improving … security is never finished,” said Sequoia spokeswoman Michelle
Schafer.

Hart Intercivic also objected to the study’s laboratory
environment, stressing it was not an adequate substitute for real-world “people,
processes, procedures, policies, and technology” and, in the company’s official statement,
suggested that a better study might “define a realistic threat that faces all
layers of security in an election.”

Even members of the security community have questioned the
study’s approach: “While the goals of this effort were
laudable, our organization is concerned about its execution,” writes
Jim March of watchdog group Black Box Voting, to Secretary Bowen. “Your
agency's review only partially examines the risks of inside manipulation with
these systems. Procedural remedies can be circumvented by those with some level
of inside access. In fact, we would contend that the most high risk
scenario of all is that of inside manipulation, and we would also contend that
the systems used in California cannot be secured from inside tampering.”

Since their inception, voting machines in the US have received
a bad rap amidst a storm of negative press, mishaps, and concern about their
ability to be tampered with:

In September 2006, Princeton researchers were able to hack Diebold’s
AccuVote-TS machine, going so far as to write a computer virus that spread
between other Diebold machines. Later, voting machines from Sequoia were also found to have similar vulnerabilities. “You can’t
detect it,” explained Princeton Professor Andrew Appel.

In the same month, a
team of untrained 54-year-old women from Black Box Voting, using 4 minutes’
worth of time and $12 in tools, were able to circumvent tamper-proof seals on
a Diebold vote scanner, and were able to replace the device’s memory card.

Also in September 2006, a consulting firm working for Ohio’s
Cuyahoga County -- which includes Cleveland -- found huge discrepancies
between the electronic and paper records kept by Diebold voting machines. Ohio
was a key swing state for the tight 2004 presidential election, and its
electoral votes helped decide the result.

Earlier that year in August, Diebold voting machines botched
the Alaska preliminaries in several precincts as they failed
to connect to their dial-up servers to upload vote results, slowing the
election considerably. Officials had to hand-count votes and manually upload
the totals to the central server.

In December 2005, a Diebold whistleblower under the name of “Dieb-throat,”
who was once a “staunch supporter of electronic voting’s potential,” gave a scathing
interview to The Raw Story accusing Diebold of
mismanagement and burying known backdoors in their own products, including
one that made the Department of Homeland Security’s National Cyber Alert System
for the first
week of September 2004.

In 2004, Black Box Voting released a video demonstrating that
a chimp, given
an hour of training, was able to hack a Diebold voting machine. “What you saw
was a staged production ... analogous to a magic show,” said Diebold spokesman
David Bear, in response.

These findings, as well as others both negative and
positive, culminated in a March 2007 warning from the US Government
Audit Office as it testified before the Subcommittee on Financial Services and
General Government: “[E-voting] security and reliability concerns are legitimate and
thus merit the combined and focused attention of federal, state, and local
authorities responsible for election administration.”

Comments


So let me get this straight. A non-independent study was done in association with a person (Bowen) who is vehemently against these voting machines, in a closed environment, where they had weeks to work on cracking them, were given the source code and ample knowledge of the inner-workings of the machines and they are surprised and shocked when they were cracked? Not to mention the possibility of an inside job?

She must be glad she has a political soapbox to stand on now. I'm not trying to attack anyone but c'mon.

Thief tries to break in to your house with a great electronic lock on it. They can't take it off, go home, look over it, get inside information on the software inside it from the vendor, spend two weeks on it, bring it back, crack it and call it successful. There is also not usually another thief inside waiting to unlock the doors of random houses (inside job). I'm not saying these voting machines are perfect, far from it; but the results of this ridiculous study were known before it started. Hacker + Resources + Time = Wide Open

The problem is how safe the information on these machines is. I understand the need for said info to be released to state agencies that deal with security but we've seen all too often where the information is kept behind flimsy security and easily accessed by those who have decent knowledge of computer security.

Given that the thieves have a chance at accessing the secured code, etc, etc, they can crack the voting machines. I would also like to see how easily compromised the machines are without anything but what is supposed to be publicly known about these machines. This will give you both perspectives and a truer view on how easy it would be to crack into these machines be it physical or digital.

I'd like to see where the source code that actually runs the machine is on eBay. Let me know if you find it. Hardware is nothing. That's like saying all of one model of servers are the same in terms of security regardless of what software is running on it and how it's set up.

Matt Bishop is rigging the research in a closed lab behind the door? He is one of the best if not the best security researcher in the US.

The only thing I can think of about him is that he is tough, and can find security holes everywhere you least expected it. But come on, every system on earth has security holes, it is a matter of how secure it is and is the security stronger than the thing it needs to be protected that matters. FYI paper voting is also not completely secure, but the question is whether it is more or less secure than the voting machines being tested.

I have taken his computer security course, and can tell you that the way he can think of how and where a system can be hacked is second to none. Heck, in our class we have to hack into a server secured by him as an assignment. He claims to have "completely" secured it by himself and within 24 hrs, one of the students broke in. That shows you how hard it is to make something completely secure.

Maybe Bowen picked Matt Bishop because she knew he is so tough, but that's what security analysis is all about, test it well. It is not Matt Bishop being biased, he is doing his job.

Even if you have paper trail, how can you be sure that the vote counting matches what people vote on? Even if you get a receipt and verify at home, how do you know that the verification at home shows the same thing as the vote counting result? Unless you keep a transaction record that can be traced back to the voter, but then everyone will know who you vote for even if you want to keep your privacy. Imagine if one day this country falls to a dictator and he will come get you if you don't vote for him, how do you protect yourself?

quote: Even if you have paper trail, how can you be sure that the vote counting matches what people vote on? Even if you get a receipt and verify at home, how do you know that the verification at home shows the same thing as the vote counting result?

In my mind, the receipt will be copy transfer paper, so the original (or copy) is still in the machine, on a roll. That way, if there is an issue, the electronic vote count could be compared to the paper. It would be very hard for a hacker to mess with transfer paper, where the original differs from the transfer, that would have to be done with significant modifications to the machine hardware. Cash registers have been doing this for ages. Nothing super complex there.

Now, if the roll goes missing, no way to check the electronic votes, but the same can be said if a box of paper ballots goes missing. History has shown us that going electronic has simplified operations, made them more secure (<-yes that's true), and has significantly reduced error. No reason to fear change.